我正在寻找仅允许某些域访问我的 Laravel 应用程序的最佳方法。我目前正在使用 Laravel 5.1,如果引用域不在白名单域中,我正在使用中间件进行重定向。
class Whitelist {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//requesting URL
$referer = Request::server('HTTP_REFERER');
//parse url to match base in table
$host = parse_url($referer, PHP_URL_HOST);
$host = str_replace("www.", "", $host);
//Cached query to whitelisted domains - 1400 = 24 hours
$whiteList = Cache::remember('whitelist_domains', 1400, function(){
$query = WhiteListDomains::lists('domain')->all();
return $query;
});
//Check that referring domain is …